The vulnerability of the SplunkDeploymentServerConfig component of the Splunk Enterprise platform for operational analytics allows a perpetrator to disclose protected information.

The vulnerability of the Splunk Enterprise platform for operational analysis is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by the system...

CVE-2024-45732

In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search as the "nobody" Splunk use...

CVE-2022-32157

Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of forwarder bundles. Remediation requires you to update the deployment server to version 9.0 and Configure authentication for deployment servers and clients...

CVE-2022-32157

Splunk Enterprise deployment servers in versions before 9.0 allow unauthenticated downloading of forwarder bundles. Remediation requires you to update the deployment server to version 9.0 and Configure authentication for deployment servers and clients...